Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2025-27165

    Substance3D - Stager versions 3.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.... Read more

    Affected Products : macos windows substance_3d_stager
    • Published: Jul. 08, 2025
    • Modified: Jul. 14, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2021-33910

    basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.... Read more

    • Published: Jul. 20, 2021
    • Modified: Jun. 09, 2025

  • 5.5

    MEDIUM
    CVE-2025-24276

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app may be able to access private information.... Read more

    Affected Products : macos
    • Published: Mar. 31, 2025
    • Modified: Apr. 07, 2025
    • Vuln Type: Information Disclosure

  • 5.5

    MEDIUM
    CVE-2025-24091

    An app could impersonate system notifications. Sensitive notifications now require restricted entitlements. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.3. An app may be able to cause a denial-of-service.... Read more

    Affected Products : iphone_os ipados
    • Published: Apr. 30, 2025
    • Modified: May. 12, 2025
    • Vuln Type: Authorization

  • 5.5

    MEDIUM
    CVE-2025-22012

    In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on apps_smmu" There are reports that the pagetable walker cache coherency is not a given across the spectrum of SDM845/850 devices, le... Read more

    Affected Products : linux_kernel
    • Published: Apr. 08, 2025
    • Modified: Apr. 10, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-21769

    In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclock_miscdev_fops Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops.... Read more

    Affected Products : linux_kernel
    • Published: Feb. 27, 2025
    • Modified: Mar. 05, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2018-4198

    An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause... Read more

    Affected Products : mac_os_x iphone_os watchos apple_tv
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2025-21641

    In the Linux kernel, the following vulnerability has been resolved: mptcp: sysctl: blackhole timeout: avoid using current->nsproxy As mentioned in the previous commit, using the 'net' structure via 'current' is not recommended for different reasons: - ... Read more

    Affected Products : linux_kernel
    • Published: Jan. 19, 2025
    • Modified: Jan. 19, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2025-21533

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.24 and prior to 7.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the ... Read more

    Affected Products : vm_virtualbox
    • Published: Jan. 21, 2025
    • Modified: Jun. 23, 2025
    • Vuln Type: Authentication

  • 5.5

    MEDIUM
    CVE-2023-37926

    A buffer overflow vulnerability in the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-VPN series firmware versions 4.16 through... Read more

    • Published: Nov. 28, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-37925

    An improper privilege management vulnerability in the debug CLI command of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50(W) series firmware versions 4.16 through 5.37, USG20(W)-V... Read more

    • Published: Nov. 28, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-30940

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted USD file may disclose memo... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-4181

    In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.... Read more

    Affected Products : ubuntu_linux debian_linux mac_os_x
    • Published: Jan. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-37765

    GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so.... Read more

    Affected Products : gpac
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2023-37767

    GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so.... Read more

    Affected Products : gpac
    • Published: Jul. 11, 2023
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-8841

    PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024

  • 5.5

    MEDIUM
    CVE-2024-8823

    PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to expl... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024

  • 5.5

    MEDIUM
    CVE-2018-4179

    In macOS High Sierra before 10.13.4, there was an issue with the handling of smartcard PINs. This issue was addressed with additional logic.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jan. 11, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2024-8816

    PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit ... Read more

    Affected Products : pdf-xchange_editor pdf-tools
    • Published: Nov. 22, 2024
    • Modified: Dec. 04, 2024

  • 5.5

    MEDIUM
    CVE-2023-37732

    Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.... Read more

    Affected Products : yasm
    • Published: Jul. 26, 2023
    • Modified: Nov. 21, 2024
Showing 20 of 292802 Results